Testing your Firewall (mini-whitepaper)

We should all know that a network firewall‘s purpose is to shield against incoming attacks. But, how does one know the effectiveness of their firewall? Let’s explore that, shall we?

Now, hackers commonly use port-scanning tools, which allow them to send requests to specific ports on a computer in hopes of a response or open door. It all depends on the most basic port technology.

TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are two of the protocols that make up the TCP/IP protocol suite. It makes up the communications for the Internet. Each of these has ports, which are 0 through 65535 available ports so essentially there are more than 65,000 doors to lock. Awesome! Or not?

The first 1024 ports make up our current services, used the most, such as HTTP, FTP, SMTP, DNS, etc.

Now, if the intruder wants access to a machine, they might strobe or stealth their port scanning. Strobing involves targeting only a smaller amount of ports rather than blanket scanning all of them. Stealth involves slowing down the scanning process to make it less trackable or noticeable.

Firewall software built these days, in its best technology, should include detection for port-scans, FIN packets, and SYN packets.

Now, these hackers have a good ability to seek a temporary backdoor to your machine, wherein they can install more malware if necessary. Having access to an open port on your computer can cripple it at best, and leave your computer continually vulnerable.

Also, if a hacker sees a port open and investigates to notice a vulnerable application running on your computer, it can exploit this vulnerability very easily. The best way to keep secure from vulnerability is to keep only important ports open, close the rest – and only run services that are needed.

Most of the time, a firewall is included with your operating system. A firewall is usually always included with your router. Therefore, no one has excuses for not running firewall software.

Now, there are many ways to test your computer’s firewall. These are different sites that include a port-scanning test or an actual firewall test, or both.

  • Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing.
  • ShieldsUP! by Gibson Research Corporation is a free tool to test your firewall for vulnerabilities.
  • AuditMyPC Firewall Test is specified to check your firewall to make sure it is securing the ports. AKA: checks for open ports.
  • PCFlank Tools have a variety of exploit checking, port testing, firewall testing, stealth testing, and leakage testing tools.
  • HackerWatch Probe is one of the most classic port checking tools by McAfee.

Avira Internet Security engages some of the best firewall technology, compared to other weak internet security firewalls. They couple the best antivirus technology with good firewall technology to help secure your computer!

Tags: , , , , , , , , , , ,

About Dr Jay


Trackbacks / Pingbacks

  1. Home of Gibson Research Corporation   | Anthro Engineering - August 25, 2012
%d bloggers like this: